0.30.1-0.1-0.30.50.70.900base value00fPartner for Strength(inputs)
inputs
0.0
0.0
Chairman
0.0
of
0.0
the
0.0
Joint
0.0
Chiefs
0.0
of
0.0
Staff
0.0
:
0.0
Establish
0.0
and
0.0
maintain
0.0
a
0.0
JOSE
0.0
to
0.0
provide
0.0
OPS
0.0
EC
0.0
training
0.0
,
0.0
program
0.0
review
0.0
,
0.0
surveys
0.0
,
0.0
and
0.0
planning
0.0
and
0.0
exercise
0.0
support
0.0
to
0.0
the
0.0
Combat
0.0
ant
0.0
Commanders
0.0
and
0.0
their
0.0
subordinate
0.0
joint
0.0
force
0.0
commands
0.0
(
0.0
reference
0.0
b
0.0
)
0.0
.
0.0
000000000000000000000base value00fPartner for Strength(inputs)
inputs
0.0
0.0
Chairman
0.0
of
0.0
the
0.0
Joint
0.0
Chiefs
0.0
of
0.0
Staff
0.0
:
0.0
Establish
0.0
and
0.0
maintain
0.0
a
0.0
JOSE
0.0
to
0.0
provide
0.0
OPS
0.0
EC
0.0
training
0.0
,
0.0
program
0.0
review
0.0
,
0.0
surveys
0.0
,
0.0
and
0.0
planning
0.0
and
0.0
exercise
0.0
support
0.0
to
0.0
the
0.0
Combat
0.0
ant
0.0
Commanders
0.0
and
0.0
their
0.0
subordinate
0.0
joint
0.0
force
0.0
commands
0.0
(
0.0
reference
0.0
b
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.90.413870.41387base value00fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.052subordinate0.042exercise support to the0.039Combatant0.038commands0.036provide0.035Commanders0.031Establish0.026force0.018maintain0.013joint0.013and0.012a0.012their0.012and0.01and planning and0.008to0.008JOSE0.002Chairman0.001the0.0surveys,-0.238EC-0.174OPS-0.092training-0.09Chiefs-0.047of-0.043.-0.031Joint-0.021,-0.019(-0.017:-0.016reference b-0.01of-0.01Staff-0.006program
review-0.004,-0.003)-0.002
inputs
-0.002
0.002
Chairman
-0.047
of
0.001
the
-0.031
Joint
-0.09
Chiefs
-0.01
of
-0.01
Staff
-0.017
:
0.031
Establish
0.012
and
0.018
maintain
0.012
a
0.008
JOSE
0.008
to
0.036
provide
-0.174
OPS
-0.238
EC
-0.092
training
-0.021
,
-0.006 / 2
program
review
-0.004
,
0.0 / 2
surveys,
0.01 / 3
and planning and
0.042 / 4
exercise support to the
0.039 / 2
Combatant
0.035
Commanders
0.013
and
0.012
their
0.052
subordinate
0.013
joint
0.026
force
0.038
commands
-0.019
(
-0.016 / 2
reference b
-0.003
)
-0.043
.
0.0
0.20-0.2-0.40.40.60.80.413870.41387base value00fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.052subordinate0.042exercise support to the0.039Combatant0.038commands0.036provide0.035Commanders0.031Establish0.026force0.018maintain0.013joint0.013and0.012a0.012their0.012and0.01and planning and0.008to0.008JOSE0.002Chairman0.001the0.0surveys,-0.238EC-0.174OPS-0.092training-0.09Chiefs-0.047of-0.043.-0.031Joint-0.021,-0.019(-0.017:-0.016reference b-0.01of-0.01Staff-0.006program
review-0.004,-0.003)-0.002
inputs
-0.002
0.002
Chairman
-0.047
of
0.001
the
-0.031
Joint
-0.09
Chiefs
-0.01
of
-0.01
Staff
-0.017
:
0.031
Establish
0.012
and
0.018
maintain
0.012
a
0.008
JOSE
0.008
to
0.036
provide
-0.174
OPS
-0.238
EC
-0.092
training
-0.021
,
-0.006 / 2
program
review
-0.004
,
0.0 / 2
surveys,
0.01 / 3
and planning and
0.042 / 4
exercise support to the
0.039 / 2
Combatant
0.035
Commanders
0.013
and
0.012
their
0.052
subordinate
0.013
joint
0.026
force
0.038
commands
-0.019
(
-0.016 / 2
reference b
-0.003
)
-0.043
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fSecure Data in Transit(inputs)
inputs
0.0
0.0
Chairman
0.0
of
0.0
the
0.0
Joint
0.0
Chiefs
0.0
of
0.0
Staff
0.0
:
0.0
Establish
0.0
and
0.0
maintain
0.0
a
0.0
JOSE
0.0
to
0.0
provide
0.0
OPS
0.0
EC
0.0
training
0.0
,
0.0
program
0.0
review
0.0
,
0.0
surveys
0.0
,
0.0
and
0.0
planning
0.0
and
0.0
exercise
0.0
support
0.0
to
0.0
the
0.0
Combat
0.0
ant
0.0
Commanders
0.0
and
0.0
their
0.0
subordinate
0.0
joint
0.0
force
0.0
commands
0.0
(
0.0
reference
0.0
b
0.0
)
0.0
.
0.0
000000000000000000000base value00fSecure Data in Transit(inputs)
0.50.30.10.70.900base value00fPartner for Strength(inputs)
inputs
0.0
0.0
The
0.0
primary
0.0
objectives
0.0
of
0.0
the
0.0
cyber
0.0
incident
0.0
handling
0.0
process
0.0
are
0.0
to
0.0
:
0.0
Safely
0.0
acquire
0.0
and
0.0
preserve
0.0
the
0.0
integrity
0.0
of
0.0
data
0.0
required
0.0
for
0.0
cyber
0.0
incident
0.0
analysis
0.0
to
0.0
help
0.0
determine
0.0
the
0.0
technical
0.0
/
0.0
operational
0.0
impact
0.0
,
0.0
root
0.0
cause
0.0
(
0.0
s
0.0
)
0.0
,
0.0
scope
0.0
,
0.0
and
0.0
nature
0.0
of
0.0
the
0.0
cyber
0.0
event
0.0
or
0.0
incident
0.0
.
0.0
000000000000000000000base value00fPartner for Strength(inputs)
inputs
0.0
0.0
The
0.0
primary
0.0
objectives
0.0
of
0.0
the
0.0
cyber
0.0
incident
0.0
handling
0.0
process
0.0
are
0.0
to
0.0
:
0.0
Safely
0.0
acquire
0.0
and
0.0
preserve
0.0
the
0.0
integrity
0.0
of
0.0
data
0.0
required
0.0
for
0.0
cyber
0.0
incident
0.0
analysis
0.0
to
0.0
help
0.0
determine
0.0
the
0.0
technical
0.0
/
0.0
operational
0.0
impact
0.0
,
0.0
root
0.0
cause
0.0
(
0.0
s
0.0
)
0.0
,
0.0
scope
0.0
,
0.0
and
0.0
nature
0.0
of
0.0
the
0.0
cyber
0.0
event
0.0
or
0.0
incident
0.0
.
0.0
0.50.30.10.70.900base value0.9582330.958233fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.222incident0.126event0.093cyber0.069incident0.062incident0.056:0.047integrity0.045cyber0.043cyber0.03objectives0.028are0.028handling0.024impact0.015The0.014analysis0.013the0.012of0.01determine0.01or0.01data0.008nature0.008the0.005preserve0.004Safely0.004/0.004the0.003operational0.003and0.003of0.003,0.002required0.002for0.002and0.002to0.002the0.001root cause(s),0.001technical0.00.0scope,-0.028of-0.009.-0.008primary-0.005to-0.002process-0.002help-0.001acquire-0.0
inputs
0.0
0.015
The
-0.008
primary
0.03
objectives
-0.028
of
0.008
the
0.043
cyber
0.069
incident
0.028
handling
-0.002
process
0.028
are
-0.005
to
0.056
:
0.004
Safely
-0.001
acquire
0.003
and
0.005
preserve
0.002
the
0.047
integrity
0.003
of
0.01
data
0.002
required
0.002
for
0.045
cyber
0.062
incident
0.014
analysis
0.002
to
-0.002
help
0.01
determine
0.004
the
0.001
technical
0.004
/
0.003
operational
0.024
impact
0.003
,
0.001 / 6
root cause(s),
0.0 / 2
scope,
0.002
and
0.008
nature
0.012
of
0.013
the
0.093
cyber
0.126
event
0.01
or
0.222
incident
-0.009
.
-0.0
0.50.30.10.70.900base value0.9582330.958233fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.222incident0.126event0.093cyber0.069incident0.062incident0.056:0.047integrity0.045cyber0.043cyber0.03objectives0.028are0.028handling0.024impact0.015The0.014analysis0.013the0.012of0.01determine0.01or0.01data0.008nature0.008the0.005preserve0.004Safely0.004/0.004the0.003operational0.003and0.003of0.003,0.002required0.002for0.002and0.002to0.002the0.001root cause(s),0.001technical0.00.0scope,-0.028of-0.009.-0.008primary-0.005to-0.002process-0.002help-0.001acquire-0.0
inputs
0.0
0.015
The
-0.008
primary
0.03
objectives
-0.028
of
0.008
the
0.043
cyber
0.069
incident
0.028
handling
-0.002
process
0.028
are
-0.005
to
0.056
:
0.004
Safely
-0.001
acquire
0.003
and
0.005
preserve
0.002
the
0.047
integrity
0.003
of
0.01
data
0.002
required
0.002
for
0.045
cyber
0.062
incident
0.014
analysis
0.002
to
-0.002
help
0.01
determine
0.004
the
0.001
technical
0.004
/
0.003
operational
0.024
impact
0.003
,
0.001 / 6
root cause(s),
0.0 / 2
scope,
0.002
and
0.008
nature
0.012
of
0.013
the
0.093
cyber
0.126
event
0.01
or
0.222
incident
-0.009
.
-0.0
0.50.30.10.70.900base value00fSecure Data in Transit(inputs)
inputs
0.0
0.0
The
0.0
primary
0.0
objectives
0.0
of
0.0
the
0.0
cyber
0.0
incident
0.0
handling
0.0
process
0.0
are
0.0
to
0.0
:
0.0
Safely
0.0
acquire
0.0
and
0.0
preserve
0.0
the
0.0
integrity
0.0
of
0.0
data
0.0
required
0.0
for
0.0
cyber
0.0
incident
0.0
analysis
0.0
to
0.0
help
0.0
determine
0.0
the
0.0
technical
0.0
/
0.0
operational
0.0
impact
0.0
,
0.0
root
0.0
cause
0.0
(
0.0
s
0.0
)
0.0
,
0.0
scope
0.0
,
0.0
and
0.0
nature
0.0
of
0.0
the
0.0
cyber
0.0
event
0.0
or
0.0
incident
0.0
.
0.0
000000000000000000000base value00fSecure Data in Transit(inputs)
0.50.30.10.70.900base value00fUnderstand the Battlespace(inputs)
inputs
0.0
0.0
The
0.0
primary
0.0
objectives
0.0
of
0.0
the
0.0
cyber
0.0
incident
0.0
handling
0.0
process
0.0
are
0.0
to
0.0
:
0.0
Safely
0.0
acquire
0.0
and
0.0
preserve
0.0
the
0.0
integrity
0.0
of
0.0
data
0.0
required
0.0
for
0.0
cyber
0.0
incident
0.0
analysis
0.0
to
0.0
help
0.0
determine
0.0
the
0.0
technical
0.0
/
0.0
operational
0.0
impact
0.0
,
0.0
root
0.0
cause
0.0
(
0.0
s
0.0
)
0.0
,
0.0
scope
0.0
,
0.0
and
0.0
nature
0.0
of
0.0
the
0.0
cyber
0.0
event
0.0
or
0.0
incident
0.0
.
0.0
000000000000000000000base value00fUnderstand the Battlespace(inputs)
inputs
0.0
0.0
The
0.0
primary
0.0
objectives
0.0
of
0.0
the
0.0
cyber
0.0
incident
0.0
handling
0.0
process
0.0
are
0.0
to
0.0
:
0.0
Safely
0.0
acquire
0.0
and
0.0
preserve
0.0
the
0.0
integrity
0.0
of
0.0
data
0.0
required
0.0
for
0.0
cyber
0.0
incident
0.0
analysis
0.0
to
0.0
help
0.0
determine
0.0
the
0.0
technical
0.0
/
0.0
operational
0.0
impact
0.0
,
0.0
root
0.0
cause
0.0
(
0.0
s
0.0
)
0.0
,
0.0
scope
0.0
,
0.0
and
0.0
nature
0.0
of
0.0
the
0.0
cyber
0.0
event
0.0
or
0.0
incident
0.0
.
0.0
SHAP explanation for sample #3
outputs
Assure Information Sharing
Design for the Fight
Develop and Maintain Trust
Develop the Workforce
Develop the Workforce
Manage Access
Partner for Strength
Prevent and Delay Attackers and Prevent Attackers from Staying
Secure Data in Transit
Strengthen Cyber Readiness
Sustain Missions
Understand the Battlespace
0.20-0.2-0.40.40.600base value00fAssure Information Sharing(inputs)0.136OPSEC PROGRAM LEVELS0.071OPSEC0.05OPSEC program that0.042training on0.029OPSEC0.026requires a moderate amount0.017.0.012Level I0.012it shall be headed0.012.0.012by a program manager0.011training for0.008OPSEC management0.006OPSEC program for0.006A Level II program is a midlevel0.004Level I requirements0.004and0.002of program management and dedicated resources.0.0010.001and directors.-0.034of the following program levels.-0.033commanders and directors shall implement one-0.03that-0.029coordinators-0.029Level I-0.029determined a minimal level of-0.022Based on the sensitivity of the mission and-0.018identified contractors; coordinate-0.015A Level I program-0.015initial-0.015:Ensure-0.015attendant threats,-0.015is a baseline-0.013resources are required.-0.013which the commander has-0.012A Level II program shall meet all the-0.01Commanders and-0.01employees-0.009to all-0.009provided-0.008The following levels of-0.008required for their mission-0.008is-0.008refresher-0.008involvement are provided as guidance to commanders-0.007and annual-0.007SUBCOMPONENT-0.006directors shall-0.006determine what-0.006and-0.005level of-0.004program is-0.003A Level I program may fall under the oversight of a Level II or Level III program. Level II.-0.003In addition,-0.002who shall-0.001.-0.001.
inputs
0.001
-0.007 / 4
SUBCOMPONENT
0.136 / 4
OPSEC PROGRAM LEVELS
0.012
.
-0.008 / 4
The following levels of
-0.008 / 7
involvement are provided as guidance to commanders
0.001 / 3
and directors.
-0.01 / 2
Commanders and
-0.006 / 2
directors shall
-0.006 / 2
determine what
-0.005 / 2
level of
-0.004 / 2
program is
-0.008 / 4
required for their mission
-0.001
.
-0.022 / 8
Based on the sensitivity of the mission and
-0.015 / 3
attendant threats,
-0.033 / 6
commanders and directors shall implement one
-0.034 / 6
of the following program levels.
-0.029 / 2
Level I
-0.001
.
-0.015 / 4
A Level I program
-0.015 / 3
is a baseline
0.006 / 4
OPSEC program for
-0.013 / 4
which the commander has
-0.029 / 5
determined a minimal level of
0.008 / 3
OPSEC management
0.004
and
-0.013 / 4
resources are required.
-0.003 / 21
A Level I program may fall under the oversight of a Level II or Level III program. Level II.
0.006 / 9
A Level II program is a midlevel
0.05 / 4
OPSEC program that
0.026 / 4
requires a moderate amount
0.002 / 7
of program management and dedicated resources.
-0.012 / 8
A Level II program shall meet all the
0.004 / 3
Level I requirements
0.017
.
-0.003 / 3
In addition,
0.012 / 4
it shall be headed
0.012 / 4
by a program manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
-0.002 / 2
who shall
-0.015 / 2
:Ensure
-0.03
that
-0.015
initial
-0.007 / 2
and annual
-0.008 / 3
refresher
0.042 / 2
training on
0.071 / 2
OPSEC
-0.008
is
-0.009
provided
-0.009 / 2
to all
-0.01
employees
-0.006
and
-0.018 / 4
identified contractors; coordinate
0.011 / 2
training for
0.012 / 2
Level I
0.029 / 2
OPSEC
-0.029 / 2
coordinators
0.0
.
0.0
0-0.2-0.40.20.400base value00fAssure Information Sharing(inputs)0.136OPSEC PROGRAM LEVELS0.071OPSEC0.05OPSEC program that0.042training on0.029OPSEC0.026requires a moderate amount0.017.0.012Level I0.012it shall be headed0.012.0.012by a program manager0.011training for0.008OPSEC management0.006OPSEC program for0.006A Level II program is a midlevel0.004Level I requirements0.004and0.002of program management and dedicated resources.0.0010.001and directors.-0.034of the following program levels.-0.033commanders and directors shall implement one-0.03that-0.029coordinators-0.029Level I-0.029determined a minimal level of-0.022Based on the sensitivity of the mission and-0.018identified contractors; coordinate-0.015A Level I program-0.015initial-0.015:Ensure-0.015attendant threats,-0.015is a baseline-0.013resources are required.-0.013which the commander has-0.012A Level II program shall meet all the-0.01Commanders and-0.01employees-0.009to all-0.009provided-0.008The following levels of-0.008required for their mission-0.008is-0.008refresher-0.008involvement are provided as guidance to commanders-0.007and annual-0.007SUBCOMPONENT-0.006directors shall-0.006determine what-0.006and-0.005level of-0.004program is-0.003A Level I program may fall under the oversight of a Level II or Level III program. Level II.-0.003In addition,-0.002who shall-0.001.-0.001.
inputs
0.001
-0.007 / 4
SUBCOMPONENT
0.136 / 4
OPSEC PROGRAM LEVELS
0.012
.
-0.008 / 4
The following levels of
-0.008 / 7
involvement are provided as guidance to commanders
0.001 / 3
and directors.
-0.01 / 2
Commanders and
-0.006 / 2
directors shall
-0.006 / 2
determine what
-0.005 / 2
level of
-0.004 / 2
program is
-0.008 / 4
required for their mission
-0.001
.
-0.022 / 8
Based on the sensitivity of the mission and
-0.015 / 3
attendant threats,
-0.033 / 6
commanders and directors shall implement one
-0.034 / 6
of the following program levels.
-0.029 / 2
Level I
-0.001
.
-0.015 / 4
A Level I program
-0.015 / 3
is a baseline
0.006 / 4
OPSEC program for
-0.013 / 4
which the commander has
-0.029 / 5
determined a minimal level of
0.008 / 3
OPSEC management
0.004
and
-0.013 / 4
resources are required.
-0.003 / 21
A Level I program may fall under the oversight of a Level II or Level III program. Level II.
0.006 / 9
A Level II program is a midlevel
0.05 / 4
OPSEC program that
0.026 / 4
requires a moderate amount
0.002 / 7
of program management and dedicated resources.
-0.012 / 8
A Level II program shall meet all the
0.004 / 3
Level I requirements
0.017
.
-0.003 / 3
In addition,
0.012 / 4
it shall be headed
0.012 / 4
by a program manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
-0.002 / 2
who shall
-0.015 / 2
:Ensure
-0.03
that
-0.015
initial
-0.007 / 2
and annual
-0.008 / 3
refresher
0.042 / 2
training on
0.071 / 2
OPSEC
-0.008
is
-0.009
provided
-0.009 / 2
to all
-0.01
employees
-0.006
and
-0.018 / 4
identified contractors; coordinate
0.011 / 2
training for
0.012 / 2
Level I
0.029 / 2
OPSEC
-0.029 / 2
coordinators
0.0
.
0.0
0.20-0.2-0.40.40.600base value00fDesign for the Fight(inputs)0.007Level I requirements-0.007.
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.007 / 3
Level I requirements
-0.007
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
-0-0.002-0.004-0.0060.0020.0040.00600base value00fDesign for the Fight(inputs)0.007Level I requirements-0.007.
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.007 / 3
Level I requirements
-0.007
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
0.20-0.2-0.40.40.600base value00fDevelop and Maintain Trust(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
000000000000000000000base value00fDevelop and Maintain Trust(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
0.20-0.2-0.40.40.600base value00fDevelop the Workforce(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
000000000000000000000base value00fDevelop the Workforce(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
0.20-0.2-0.40.40.600base value00fDevelop the Workforce (inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
000000000000000000000base value00fDevelop the Workforce (inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
0.20-0.2-0.40.40.600base value0.7185670.718567fManage Access(inputs)0.05A Level II program shall meet all the Level I requirements.0.04In addition, it shall be headed by a program manager0.037OPSEC management and0.036determined a minimal level of0.036A Level I program may fall under the oversight of a Level II or Level III program. Level II.0.034commanders and directors shall implement one0.034of the following program levels.0.032identified contractors; coordinate0.031that0.03OPSEC0.03coordinators0.029Level I0.025training for0.025Level I0.023Based on the sensitivity of the mission and0.018and0.017initial0.016:Ensure0.016attendant threats,0.015OPSEC program for0.015is a baseline0.015A Level I program0.014resources are required.0.014which the commander has0.014and annual0.014training on0.014refresher0.014OPSEC0.013(a)),0.011provided0.011employees0.011to all0.011is0.009.0.008Commanders and0.008required for their mission0.004involvement are provided as guidance to commanders0.004The following levels of0.004level of0.004program is0.004directors shall0.004determine what0.0040.004who shall0.003SUBCOMPONENT0.001.0.0.-0.063OPSEC PROGRAM LEVELS-0.012.-0.006and directors.-0.004-0.003A Level II program is a midlevel OPSEC program that requires a moderate amount of program management and dedicated resources.-0.001(defined in Reference
inputs
-0.004
0.003 / 4
SUBCOMPONENT
-0.063 / 4
OPSEC PROGRAM LEVELS
-0.012
.
0.004 / 4
The following levels of
0.004 / 7
involvement are provided as guidance to commanders
-0.006 / 3
and directors.
0.008 / 2
Commanders and
0.004 / 2
directors shall
0.004 / 2
determine what
0.004 / 2
level of
0.004 / 2
program is
0.008 / 4
required for their mission
0.001
.
0.023 / 8
Based on the sensitivity of the mission and
0.016 / 3
attendant threats,
0.034 / 6
commanders and directors shall implement one
0.034 / 6
of the following program levels.
0.029 / 2
Level I
0.0
.
0.015 / 4
A Level I program
0.015 / 3
is a baseline
0.015 / 4
OPSEC program for
0.014 / 4
which the commander has
0.036 / 5
determined a minimal level of
0.037 / 4
OPSEC management and
0.014 / 4
resources are required.
0.036 / 21
A Level I program may fall under the oversight of a Level II or Level III program. Level II.
-0.003 / 24
A Level II program is a midlevel OPSEC program that requires a moderate amount of program management and dedicated resources.
0.05 / 12
A Level II program shall meet all the Level I requirements.
0.04 / 11
In addition, it shall be headed by a program manager
-0.001 / 4
(defined in Reference
0.013 / 5
(a)),
0.004 / 2
who shall
0.016 / 2
:Ensure
0.031
that
0.017
initial
0.014 / 2
and annual
0.014 / 3
refresher
0.014 / 2
training on
0.014 / 2
OPSEC
0.011
is
0.011
provided
0.011 / 2
to all
0.011
employees
0.018
and
0.032 / 4
identified contractors; coordinate
0.025 / 2
training for
0.025 / 2
Level I
0.03 / 2
OPSEC
0.03 / 2
coordinators
0.009
.
0.004
0.40.200.60.800base value0.7185670.718567fManage Access(inputs)0.05A Level II program shall meet all the Level I requirements.0.04In addition, it shall be headed by a program manager0.037OPSEC management and0.036determined a minimal level of0.036A Level I program may fall under the oversight of a Level II or Level III program. Level II.0.034commanders and directors shall implement one0.034of the following program levels.0.032identified contractors; coordinate0.031that0.03OPSEC0.03coordinators0.029Level I0.025training for0.025Level I0.023Based on the sensitivity of the mission and0.018and0.017initial0.016:Ensure0.016attendant threats,0.015OPSEC program for0.015is a baseline0.015A Level I program0.014resources are required.0.014which the commander has0.014and annual0.014training on0.014refresher0.014OPSEC0.013(a)),0.011provided0.011employees0.011to all0.011is0.009.0.008Commanders and0.008required for their mission0.004involvement are provided as guidance to commanders0.004The following levels of0.004level of0.004program is0.004directors shall0.004determine what0.0040.004who shall0.003SUBCOMPONENT0.001.0.0.-0.063OPSEC PROGRAM LEVELS-0.012.-0.006and directors.-0.004-0.003A Level II program is a midlevel OPSEC program that requires a moderate amount of program management and dedicated resources.-0.001(defined in Reference
inputs
-0.004
0.003 / 4
SUBCOMPONENT
-0.063 / 4
OPSEC PROGRAM LEVELS
-0.012
.
0.004 / 4
The following levels of
0.004 / 7
involvement are provided as guidance to commanders
-0.006 / 3
and directors.
0.008 / 2
Commanders and
0.004 / 2
directors shall
0.004 / 2
determine what
0.004 / 2
level of
0.004 / 2
program is
0.008 / 4
required for their mission
0.001
.
0.023 / 8
Based on the sensitivity of the mission and
0.016 / 3
attendant threats,
0.034 / 6
commanders and directors shall implement one
0.034 / 6
of the following program levels.
0.029 / 2
Level I
0.0
.
0.015 / 4
A Level I program
0.015 / 3
is a baseline
0.015 / 4
OPSEC program for
0.014 / 4
which the commander has
0.036 / 5
determined a minimal level of
0.037 / 4
OPSEC management and
0.014 / 4
resources are required.
0.036 / 21
A Level I program may fall under the oversight of a Level II or Level III program. Level II.
-0.003 / 24
A Level II program is a midlevel OPSEC program that requires a moderate amount of program management and dedicated resources.
0.05 / 12
A Level II program shall meet all the Level I requirements.
0.04 / 11
In addition, it shall be headed by a program manager
-0.001 / 4
(defined in Reference
0.013 / 5
(a)),
0.004 / 2
who shall
0.016 / 2
:Ensure
0.031
that
0.017
initial
0.014 / 2
and annual
0.014 / 3
refresher
0.014 / 2
training on
0.014 / 2
OPSEC
0.011
is
0.011
provided
0.011 / 2
to all
0.011
employees
0.018
and
0.032 / 4
identified contractors; coordinate
0.025 / 2
training for
0.025 / 2
Level I
0.03 / 2
OPSEC
0.03 / 2
coordinators
0.009
.
0.004
0.20-0.2-0.40.40.600base value00fPartner for Strength(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
000000000000000000000base value00fPartner for Strength(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
0.20-0.2-0.40.40.60.5276730.527673base value00fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.022Based on the sensitivity of the mission and attendant threats,0.015The following levels of involvement are provided as guidance to commanders0.006level of program is required for their mission.0.004Commanders and directors shall determine what0.003commanders and directors shall implement one of the following program levels.0.003is provided to all employees0.003and directors.0.002of program management and dedicated resources.0.002A Level II program is a midlevel0.001and annual refresher0.0resources are required.0.0who shall:Ensure that initial-0.084OPSEC PROGRAM LEVELS-0.081OPSEC-0.066OPSEC-0.054training on-0.048OPSEC program that-0.034OPSEC management-0.028training for-0.028Level I-0.027and-0.021requires a moderate amount-0.019OPSEC program for-0.018Level I requirements-0.015it shall be headed-0.015by a program manager-0.013.-0.01determined a minimal level of-0.008.-0.005.-0.004A Level II program shall meet all the-0.002and identified contractors; coordinate-0.002(defined in Reference (a)),-0.001coordinators-0.001SUBCOMPONENT-0.001In addition,-0.001A Level I program may fall under the oversight of a Level II or Level III program. Level II.-0.001A Level I program is a baseline-0.001Level I.-0.0which the commander has
inputs
-0.001 / 5
SUBCOMPONENT
-0.084 / 4
OPSEC PROGRAM LEVELS
-0.008
.
0.015 / 11
The following levels of involvement are provided as guidance to commanders
0.003 / 3
and directors.
0.004 / 6
Commanders and directors shall determine what
0.006 / 9
level of program is required for their mission.
0.022 / 11
Based on the sensitivity of the mission and attendant threats,
0.003 / 12
commanders and directors shall implement one of the following program levels.
-0.001 / 3
Level I.
-0.001 / 7
A Level I program is a baseline
-0.019 / 4
OPSEC program for
-0.0 / 4
which the commander has
-0.01 / 5
determined a minimal level of
-0.034 / 3
OPSEC management
-0.027
and
0.0 / 4
resources are required.
-0.001 / 21
A Level I program may fall under the oversight of a Level II or Level III program. Level II.
0.002 / 9
A Level II program is a midlevel
-0.048 / 4
OPSEC program that
-0.021 / 4
requires a moderate amount
0.002 / 7
of program management and dedicated resources.
-0.004 / 8
A Level II program shall meet all the
-0.018 / 3
Level I requirements
-0.013
.
-0.001 / 3
In addition,
-0.015 / 4
it shall be headed
-0.015 / 4
by a program manager
-0.002 / 9
(defined in Reference (a)),
0.0 / 6
who shall:Ensure that initial
0.001 / 5
and annual refresher
-0.054 / 2
training on
-0.081 / 2
OPSEC
0.003 / 5
is provided to all employees
-0.002 / 5
and identified contractors; coordinate
-0.028 / 2
training for
-0.028 / 2
Level I
-0.066 / 2
OPSEC
-0.001 / 2
coordinators
-0.005
.
0.0
0.30.20.1-5.55112e-170.40.50.5276730.527673base value00fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.022Based on the sensitivity of the mission and attendant threats,0.015The following levels of involvement are provided as guidance to commanders0.006level of program is required for their mission.0.004Commanders and directors shall determine what0.003commanders and directors shall implement one of the following program levels.0.003is provided to all employees0.003and directors.0.002of program management and dedicated resources.0.002A Level II program is a midlevel0.001and annual refresher0.0resources are required.0.0who shall:Ensure that initial-0.084OPSEC PROGRAM LEVELS-0.081OPSEC-0.066OPSEC-0.054training on-0.048OPSEC program that-0.034OPSEC management-0.028training for-0.028Level I-0.027and-0.021requires a moderate amount-0.019OPSEC program for-0.018Level I requirements-0.015it shall be headed-0.015by a program manager-0.013.-0.01determined a minimal level of-0.008.-0.005.-0.004A Level II program shall meet all the-0.002and identified contractors; coordinate-0.002(defined in Reference (a)),-0.001coordinators-0.001SUBCOMPONENT-0.001In addition,-0.001A Level I program may fall under the oversight of a Level II or Level III program. Level II.-0.001A Level I program is a baseline-0.001Level I.-0.0which the commander has
inputs
-0.001 / 5
SUBCOMPONENT
-0.084 / 4
OPSEC PROGRAM LEVELS
-0.008
.
0.015 / 11
The following levels of involvement are provided as guidance to commanders
0.003 / 3
and directors.
0.004 / 6
Commanders and directors shall determine what
0.006 / 9
level of program is required for their mission.
0.022 / 11
Based on the sensitivity of the mission and attendant threats,
0.003 / 12
commanders and directors shall implement one of the following program levels.
-0.001 / 3
Level I.
-0.001 / 7
A Level I program is a baseline
-0.019 / 4
OPSEC program for
-0.0 / 4
which the commander has
-0.01 / 5
determined a minimal level of
-0.034 / 3
OPSEC management
-0.027
and
0.0 / 4
resources are required.
-0.001 / 21
A Level I program may fall under the oversight of a Level II or Level III program. Level II.
0.002 / 9
A Level II program is a midlevel
-0.048 / 4
OPSEC program that
-0.021 / 4
requires a moderate amount
0.002 / 7
of program management and dedicated resources.
-0.004 / 8
A Level II program shall meet all the
-0.018 / 3
Level I requirements
-0.013
.
-0.001 / 3
In addition,
-0.015 / 4
it shall be headed
-0.015 / 4
by a program manager
-0.002 / 9
(defined in Reference (a)),
0.0 / 6
who shall:Ensure that initial
0.001 / 5
and annual refresher
-0.054 / 2
training on
-0.081 / 2
OPSEC
0.003 / 5
is provided to all employees
-0.002 / 5
and identified contractors; coordinate
-0.028 / 2
training for
-0.028 / 2
Level I
-0.066 / 2
OPSEC
-0.001 / 2
coordinators
-0.005
.
0.0
0.20-0.2-0.40.40.600base value00fSecure Data in Transit(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
000000000000000000000base value00fSecure Data in Transit(inputs)
0.20-0.2-0.40.40.600base value00fUnderstand the Battlespace(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
000000000000000000000base value00fUnderstand the Battlespace(inputs)
inputs
0.0
0.0
SUB
0.0
COM
0.0
PONE
0.0
NT
0.0
OPS
0.0
EC
0.0
PROGRAM
0.0
LEVELS
0.0
.
0.0
The
0.0
following
0.0
levels
0.0
of
0.0
involvement
0.0
are
0.0
provided
0.0
as
0.0
guidance
0.0
to
0.0
commanders
0.0
and
0.0
directors
0.0
.
0.0
Commanders
0.0
and
0.0
directors
0.0
shall
0.0
determine
0.0
what
0.0
level
0.0
of
0.0
program
0.0
is
0.0
required
0.0
for
0.0
their
0.0
mission
0.0
.
0.0
Based
0.0
on
0.0
the
0.0
sensitivity
0.0
of
0.0
the
0.0
mission
0.0
and
0.0
attendant
0.0
threats
0.0
,
0.0
commanders
0.0
and
0.0
directors
0.0
shall
0.0
implement
0.0
one
0.0
of
0.0
the
0.0
following
0.0
program
0.0
levels
0.0
.
0.0
Level
0.0
I
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
is
0.0
a
0.0
baseline
0.0
OPS
0.0
EC
0.0
program
0.0
for
0.0
which
0.0
the
0.0
commander
0.0
has
0.0
determined
0.0
a
0.0
minimal
0.0
level
0.0
of
0.0
OPS
0.0
EC
0.0
management
0.0
and
0.0
resources
0.0
are
0.0
required
0.0
.
0.0
A
0.0
Level
0.0
I
0.0
program
0.0
may
0.0
fall
0.0
under
0.0
the
0.0
oversight
0.0
of
0.0
a
0.0
Level
0.0
II
0.0
or
0.0
Level
0.0
III
0.0
program
0.0
.
0.0
Level
0.0
II
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
is
0.0
a
0.0
mid
0.0
lev
0.0
el
0.0
OPS
0.0
EC
0.0
program
0.0
that
0.0
requires
0.0
a
0.0
moderate
0.0
amount
0.0
of
0.0
program
0.0
management
0.0
and
0.0
dedicated
0.0
resources
0.0
.
0.0
A
0.0
Level
0.0
II
0.0
program
0.0
shall
0.0
meet
0.0
all
0.0
the
0.0
Level
0.0
I
0.0
requirements
0.0
.
0.0
In
0.0
addition
0.0
,
0.0
it
0.0
shall
0.0
be
0.0
headed
0.0
by
0.0
a
0.0
program
0.0
manager
0.0
(
0.0
defined
0.0
in
0.0
Reference
0.0
(
0.0
a
0.0
)
0.0
)
0.0
,
0.0
who
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
initial
0.0
and
0.0
annual
0.0
ref
0.0
resh
0.0
er
0.0
training
0.0
on
0.0
OPS
0.0
EC
0.0
is
0.0
provided
0.0
to
0.0
all
0.0
employees
0.0
and
0.0
identified
0.0
contractors
0.0
;
0.0
coordinate
0.0
training
0.0
for
0.0
Level
0.0
I
0.0
OPS
0.0
EC
0.0
coordinator
0.0
s
0.0
.
0.0
SHAP explanation for sample #4
outputs
Assure Information Sharing
Design for the Fight
Develop and Maintain Trust
Develop the Workforce
Develop the Workforce
Manage Access
Partner for Strength
Prevent and Delay Attackers and Prevent Attackers from Staying
Secure Data in Transit
Strengthen Cyber Readiness
Sustain Missions
Understand the Battlespace
0.30.1-0.1-0.30.50.70.900base value0.5846980.584698fAssure Information Sharing(inputs)0.124messaging0.103services0.096electronic0.05DoD0.043public0.042key enabling0.041Configure0.04requirements listed in0.038the0.031Services operated0.029.0.029.0.028gov Internet0.028to0.028meet0.027domains0.023the criteria for domain0.017These certificates must meet0.017.0.016validation for services operated0.015mil and0.015extended validation certificates0.015other Internet domain require0.0110.008.0.007in the .0.007.0.004and code-signing certificates0.003i0.002s0.0or-0.042-DoD controlled devices,-0.042.-0.04commercial device-0.04equivalent to DoD medium assurance)-0.036transportation layer security-0.035DoD websites and services used by non-0.021devices-0.017In accordance with the October 4, 2018 DoD CIO Memorandum,-0.015users of non-DoD-0.011,-0.009may be used on unclassified,-0.009other mobile-0.008(-0.007desktops,-0.007external-facing,-0.004.-0.003laptop-0.003e-0.00202.-0.002in any-0.001DoDI 8520-0.001
inputs
0.011
0.041 / 4
Configure
0.05
DoD
0.096
electronic
0.124
messaging
0.103
services
0.028
to
0.028
meet
0.038
the
0.043
public
0.042 / 2
key enabling
0.04 / 3
requirements listed in
-0.001 / 4
DoDI 8520
0.008
.
-0.002 / 2
02.
-0.017 / 13
In accordance with the October 4, 2018 DoD CIO Memorandum,
-0.04 / 2
commercial device
-0.036 / 3
transportation layer security
0.004 / 5
and code-signing certificates
-0.009 / 8
may be used on unclassified,
-0.007 / 4
external-facing,
-0.035 / 7
DoD websites and services used by non
-0.042 / 5
-DoD controlled devices,
0.003
i
-0.004
.
-0.003
e
0.017
.
-0.011
,
-0.015 / 5
users of non-DoD
-0.007 / 3
desktops,
-0.003
laptop
0.002
s
0.0
or
-0.009 / 2
other mobile
-0.021
devices
0.007
.
0.017 / 4
These certificates must meet
0.023 / 4
the criteria for domain
0.016 / 4
validation for services operated
0.007 / 3
in the .
0.015 / 2
mil and
0.029
.
0.028 / 2
gov Internet
0.027
domains
0.029
.
0.031 / 2
Services operated
-0.002 / 2
in any
0.015 / 4
other Internet domain require
0.015 / 3
extended validation certificates
-0.008
(
-0.04 / 6
equivalent to DoD medium assurance)
-0.042
.
-0.001
0.30.1-0.1-0.30.50.70.900base value0.5846980.584698fAssure Information Sharing(inputs)0.124messaging0.103services0.096electronic0.05DoD0.043public0.042key enabling0.041Configure0.04requirements listed in0.038the0.031Services operated0.029.0.029.0.028gov Internet0.028to0.028meet0.027domains0.023the criteria for domain0.017These certificates must meet0.017.0.016validation for services operated0.015mil and0.015extended validation certificates0.015other Internet domain require0.0110.008.0.007in the .0.007.0.004and code-signing certificates0.003i0.002s0.0or-0.042-DoD controlled devices,-0.042.-0.04commercial device-0.04equivalent to DoD medium assurance)-0.036transportation layer security-0.035DoD websites and services used by non-0.021devices-0.017In accordance with the October 4, 2018 DoD CIO Memorandum,-0.015users of non-DoD-0.011,-0.009may be used on unclassified,-0.009other mobile-0.008(-0.007desktops,-0.007external-facing,-0.004.-0.003laptop-0.003e-0.00202.-0.002in any-0.001DoDI 8520-0.001
inputs
0.011
0.041 / 4
Configure
0.05
DoD
0.096
electronic
0.124
messaging
0.103
services
0.028
to
0.028
meet
0.038
the
0.043
public
0.042 / 2
key enabling
0.04 / 3
requirements listed in
-0.001 / 4
DoDI 8520
0.008
.
-0.002 / 2
02.
-0.017 / 13
In accordance with the October 4, 2018 DoD CIO Memorandum,
-0.04 / 2
commercial device
-0.036 / 3
transportation layer security
0.004 / 5
and code-signing certificates
-0.009 / 8
may be used on unclassified,
-0.007 / 4
external-facing,
-0.035 / 7
DoD websites and services used by non
-0.042 / 5
-DoD controlled devices,
0.003
i
-0.004
.
-0.003
e
0.017
.
-0.011
,
-0.015 / 5
users of non-DoD
-0.007 / 3
desktops,
-0.003
laptop
0.002
s
0.0
or
-0.009 / 2
other mobile
-0.021
devices
0.007
.
0.017 / 4
These certificates must meet
0.023 / 4
the criteria for domain
0.016 / 4
validation for services operated
0.007 / 3
in the .
0.015 / 2
mil and
0.029
.
0.028 / 2
gov Internet
0.027
domains
0.029
.
0.031 / 2
Services operated
-0.002 / 2
in any
0.015 / 4
other Internet domain require
0.015 / 3
extended validation certificates
-0.008
(
-0.04 / 6
equivalent to DoD medium assurance)
-0.042
.
-0.001
0.30.1-0.1-0.30.50.70.900base value00fDesign for the Fight(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
000000000000000000000base value00fDesign for the Fight(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fDevelop and Maintain Trust(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
000000000000000000000base value00fDevelop and Maintain Trust(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fDevelop the Workforce(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
000000000000000000000base value00fDevelop the Workforce(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fDevelop the Workforce (inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
000000000000000000000base value00fDevelop the Workforce (inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fManage Access(inputs)0.012users of non-DoD0.006code-signing certificates0.005These certificates must meet0.005in the .0.005validation for services operated0.005the criteria for domain0.001mil and .0.001.-0.021gov Internet domains-0.012desktops,-0.006commercial device transportation layer security-0.0and
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
-0.006 / 5
commercial device transportation layer security
-0.0
and
0.006 / 4
code-signing certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.012 / 5
users of non-DoD
-0.012 / 3
desktops,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.005 / 4
These certificates must meet
0.005 / 4
the criteria for domain
0.005 / 4
validation for services operated
0.005 / 3
in the .
0.001 / 3
mil and .
-0.021 / 3
gov Internet domains
0.001
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0-0.01-0.02-0.03-0.040.010.020.030.0400base value00fManage Access(inputs)0.012users of non-DoD0.006code-signing certificates0.005These certificates must meet0.005in the .0.005validation for services operated0.005the criteria for domain0.001mil and .0.001.-0.021gov Internet domains-0.012desktops,-0.006commercial device transportation layer security-0.0and
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
-0.006 / 5
commercial device transportation layer security
-0.0
and
0.006 / 4
code-signing certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.012 / 5
users of non-DoD
-0.012 / 3
desktops,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.005 / 4
These certificates must meet
0.005 / 4
the criteria for domain
0.005 / 4
validation for services operated
0.005 / 3
in the .
0.001 / 3
mil and .
-0.021 / 3
gov Internet domains
0.001
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fPartner for Strength(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
000000000000000000000base value00fPartner for Strength(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0.30.1-0.1-0.30.50.70.90.5092090.509209base value00fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.062transportation layer security0.058DoD websites and services used by non0.058-DoD controlled devices,0.05commercial device0.026equivalent to DoD medium assurance)0.024devices0.024.0.023desktops,0.018external-facing,0.017.0.011laptop0.007i0.005e.0.004s0.0040.003or0.00102.0.001in any0.001.0.0key enabling0.0other mobile-0.117messaging-0.1services-0.06These certificates-0.058must meet-0.054the criteria for domain-0.051electronic-0.037validation for services operated-0.0342018 DoD CIO Memorandum,-0.032In accordance with the October 4,-0.029in the .-0.028code-signing certificates-0.027Services operated-0.025DoD-0.022.-0.021other Internet domain require-0.021may be used on-0.02extended validation certificates-0.017public-0.017the-0.015and-0.014requirements listed-0.014Configure-0.014unclassified,-0.013.-0.009.-0.008DoDI 8520-0.008to-0.007,-0.007mil and-0.007domains-0.007gov Internet-0.006meet-0.004in-0.003(-0.001users of non-DoD
inputs
0.004
-0.014 / 4
Configure
-0.025
DoD
-0.051
electronic
-0.117
messaging
-0.1
services
-0.008
to
-0.006
meet
-0.017
the
-0.017
public
0.0 / 2
key enabling
-0.014 / 2
requirements listed
-0.004
in
-0.008 / 4
DoDI 8520
-0.009
.
0.001 / 2
02.
-0.032 / 7
In accordance with the October 4,
-0.034 / 6
2018 DoD CIO Memorandum,
0.05 / 2
commercial device
0.062 / 3
transportation layer security
-0.015
and
-0.028 / 4
code-signing certificates
-0.021 / 4
may be used on
-0.014 / 4
unclassified,
0.018 / 4
external-facing,
0.058 / 7
DoD websites and services used by non
0.058 / 5
-DoD controlled devices,
0.007
i
0.017
.
0.005 / 2
e.
-0.007
,
-0.001 / 5
users of non-DoD
0.023 / 3
desktops,
0.011
laptop
0.004
s
0.003
or
0.0 / 2
other mobile
0.024
devices
0.001
.
-0.06 / 2
These certificates
-0.058 / 2
must meet
-0.054 / 4
the criteria for domain
-0.037 / 4
validation for services operated
-0.029 / 3
in the .
-0.007 / 2
mil and
-0.022
.
-0.007 / 2
gov Internet
-0.007
domains
-0.013
.
-0.027 / 2
Services operated
0.001 / 2
in any
-0.021 / 4
other Internet domain require
-0.02 / 3
extended validation certificates
-0.003
(
0.026 / 6
equivalent to DoD medium assurance)
0.024
.
0.0
0.30.1-0.1-0.30.50.70.90.5092090.509209base value00fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.062transportation layer security0.058DoD websites and services used by non0.058-DoD controlled devices,0.05commercial device0.026equivalent to DoD medium assurance)0.024devices0.024.0.023desktops,0.018external-facing,0.017.0.011laptop0.007i0.005e.0.004s0.0040.003or0.00102.0.001in any0.001.0.0key enabling0.0other mobile-0.117messaging-0.1services-0.06These certificates-0.058must meet-0.054the criteria for domain-0.051electronic-0.037validation for services operated-0.0342018 DoD CIO Memorandum,-0.032In accordance with the October 4,-0.029in the .-0.028code-signing certificates-0.027Services operated-0.025DoD-0.022.-0.021other Internet domain require-0.021may be used on-0.02extended validation certificates-0.017public-0.017the-0.015and-0.014requirements listed-0.014Configure-0.014unclassified,-0.013.-0.009.-0.008DoDI 8520-0.008to-0.007,-0.007mil and-0.007domains-0.007gov Internet-0.006meet-0.004in-0.003(-0.001users of non-DoD
inputs
0.004
-0.014 / 4
Configure
-0.025
DoD
-0.051
electronic
-0.117
messaging
-0.1
services
-0.008
to
-0.006
meet
-0.017
the
-0.017
public
0.0 / 2
key enabling
-0.014 / 2
requirements listed
-0.004
in
-0.008 / 4
DoDI 8520
-0.009
.
0.001 / 2
02.
-0.032 / 7
In accordance with the October 4,
-0.034 / 6
2018 DoD CIO Memorandum,
0.05 / 2
commercial device
0.062 / 3
transportation layer security
-0.015
and
-0.028 / 4
code-signing certificates
-0.021 / 4
may be used on
-0.014 / 4
unclassified,
0.018 / 4
external-facing,
0.058 / 7
DoD websites and services used by non
0.058 / 5
-DoD controlled devices,
0.007
i
0.017
.
0.005 / 2
e.
-0.007
,
-0.001 / 5
users of non-DoD
0.023 / 3
desktops,
0.011
laptop
0.004
s
0.003
or
0.0 / 2
other mobile
0.024
devices
0.001
.
-0.06 / 2
These certificates
-0.058 / 2
must meet
-0.054 / 4
the criteria for domain
-0.037 / 4
validation for services operated
-0.029 / 3
in the .
-0.007 / 2
mil and
-0.022
.
-0.007 / 2
gov Internet
-0.007
domains
-0.013
.
-0.027 / 2
Services operated
0.001 / 2
in any
-0.021 / 4
other Internet domain require
-0.02 / 3
extended validation certificates
-0.003
(
0.026 / 6
equivalent to DoD medium assurance)
0.024
.
0.0
0.30.1-0.1-0.30.50.70.900base value00fSecure Data in Transit(inputs)0.02Configure0.013requirements listed0.011DoDI 85200.011.0.007validation for services operated in the .0.005in0.003the criteria for domain0.0032018 DoD CIO Memorandum,0.003In accordance with the October 4,0.003key enabling0.0020.002must meet0.002These certificates-0.02messaging-0.016electronic-0.013services-0.007mil and .-0.007gov Internet domains.-0.00702.-0.007DoD-0.005to meet-0.005the public
inputs
0.002
0.02 / 4
Configure
-0.007
DoD
-0.016
electronic
-0.02
messaging
-0.013
services
-0.005 / 2
to meet
-0.005 / 2
the public
0.003 / 2
key enabling
0.013 / 2
requirements listed
0.005
in
0.011 / 4
DoDI 8520
0.011
.
-0.007 / 2
02.
0.003 / 7
In accordance with the October 4,
0.003 / 6
2018 DoD CIO Memorandum,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.002 / 2
These certificates
0.002 / 2
must meet
0.003 / 4
the criteria for domain
0.007 / 7
validation for services operated in the .
-0.007 / 3
mil and .
-0.007 / 4
gov Internet domains.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
0-0.03-0.060.030.0600base value00fSecure Data in Transit(inputs)0.02Configure0.013requirements listed0.011DoDI 85200.011.0.007validation for services operated in the .0.005in0.003the criteria for domain0.0032018 DoD CIO Memorandum,0.003In accordance with the October 4,0.003key enabling0.0020.002must meet0.002These certificates-0.02messaging-0.016electronic-0.013services-0.007mil and .-0.007gov Internet domains.-0.00702.-0.007DoD-0.005to meet-0.005the public
0.30.1-0.1-0.30.50.70.900base value00fUnderstand the Battlespace(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
000000000000000000000base value00fUnderstand the Battlespace(inputs)
inputs
0.0
0.0
Con
0.0
fi
0.0
gur
0.0
e
0.0
DoD
0.0
electronic
0.0
messaging
0.0
services
0.0
to
0.0
meet
0.0
the
0.0
public
0.0
key
0.0
enabling
0.0
requirements
0.0
listed
0.0
in
0.0
DoD
0.0
I
0.0
85
0.0
20
0.0
.
0.0
02
0.0
.
0.0
In
0.0
accordance
0.0
with
0.0
the
0.0
October
0.0
4
0.0
,
0.0
2018
0.0
DoD
0.0
CI
0.0
O
0.0
Memorandum
0.0
,
0.0
commercial
0.0
device
0.0
transportation
0.0
layer
0.0
security
0.0
and
0.0
code
0.0
-
0.0
signing
0.0
certificates
0.0
may
0.0
be
0.0
used
0.0
on
0.0
un
0.0
class
0.0
ified
0.0
,
0.0
external
0.0
-
0.0
facing
0.0
,
0.0
DoD
0.0
websites
0.0
and
0.0
services
0.0
used
0.0
by
0.0
non
0.0
-
0.0
DoD
0.0
controlled
0.0
devices
0.0
,
0.0
i
0.0
.
0.0
e
0.0
.
0.0
,
0.0
users
0.0
of
0.0
non
0.0
-
0.0
DoD
0.0
desktop
0.0
s
0.0
,
0.0
laptop
0.0
s
0.0
or
0.0
other
0.0
mobile
0.0
devices
0.0
.
0.0
These
0.0
certificates
0.0
must
0.0
meet
0.0
the
0.0
criteria
0.0
for
0.0
domain
0.0
validation
0.0
for
0.0
services
0.0
operated
0.0
in
0.0
the
0.0
.
0.0
mil
0.0
and
0.0
.
0.0
gov
0.0
Internet
0.0
domains
0.0
.
0.0
Services
0.0
operated
0.0
in
0.0
any
0.0
other
0.0
Internet
0.0
domain
0.0
require
0.0
extended
0.0
validation
0.0
certificates
0.0
(
0.0
equivalent
0.0
to
0.0
DoD
0.0
medium
0.0
assurance
0.0
)
0.0
.
0.0
SHAP explanation for sample #5
outputs
Assure Information Sharing
Design for the Fight
Develop and Maintain Trust
Develop the Workforce
Develop the Workforce
Manage Access
Partner for Strength
Prevent and Delay Attackers and Prevent Attackers from Staying
Secure Data in Transit
Strengthen Cyber Readiness
Sustain Missions
Understand the Battlespace
0.50.30.10.70.91.100base value00fAssure Information Sharing(inputs)0.035.0.03banners0.028owned0.027.0.014and0.014/0.007notice0.007that0.005to0.0component-0.0shall-0.034individuals-0.021access-0.014As-0.014CC-0.013Information-0.013Systems-0.013consent-0.01are-0.01displayed-0.008ing-0.007Ensure-0.007:-0.002-controlled ISs-0.001or
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
-0.013
Information
-0.013
Systems
0.027
.
-0.014
CC
0.014
/
0.0
S
0.0
/
-0.014
As
0.0
shall
-0.007
:
-0.007
Ensure
0.007
that
0.007
notice
0.014
and
-0.013
consent
0.03
banners
-0.01
are
-0.01
displayed
0.005
to
-0.034
individuals
-0.021
access
-0.008
ing
0.0 / 2
component-
0.028
owned
-0.001
or
-0.002 / 3
-controlled ISs
0.035
.
0.0
0-0.10.100base value00fAssure Information Sharing(inputs)0.035.0.03banners0.028owned0.027.0.014and0.014/0.007notice0.007that0.005to0.0component-0.0shall-0.034individuals-0.021access-0.014As-0.014CC-0.013Information-0.013Systems-0.013consent-0.01are-0.01displayed-0.008ing-0.007Ensure-0.007:-0.002-controlled ISs-0.001or
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
-0.013
Information
-0.013
Systems
0.027
.
-0.014
CC
0.014
/
0.0
S
0.0
/
-0.014
As
0.0
shall
-0.007
:
-0.007
Ensure
0.007
that
0.007
notice
0.014
and
-0.013
consent
0.03
banners
-0.01
are
-0.01
displayed
0.005
to
-0.034
individuals
-0.021
access
-0.008
ing
0.0 / 2
component-
0.028
owned
-0.001
or
-0.002 / 3
-controlled ISs
0.035
.
0.0
0.50.30.10.70.91.100base value00fDesign for the Fight(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
000000000000000000000base value00fDesign for the Fight(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
0.50.30.10.70.91.100base value00fDevelop and Maintain Trust(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
000000000000000000000base value00fDevelop and Maintain Trust(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
0.50.30.10.70.91.100base value00fDevelop the Workforce(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
000000000000000000000base value00fDevelop the Workforce(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
0.50.30.10.70.91.100base value00fDevelop the Workforce (inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
000000000000000000000base value00fDevelop the Workforce (inputs)
0.50.30.10.70.91.100base value00fPartner for Strength(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
000000000000000000000base value00fPartner for Strength(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
0.50.30.10.70.91.10.3516940.351694base value0.9553040.955304fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.203Protection0.119CC0.061:0.049Information0.047individuals0.046access0.035Systems0.034Access0.033Information0.025S0.024Ensure0.022As0.021/0.019ing0.019consent0.01are0.008or0.008shall0.007and0.006/0.001ISs0.0-0.047banners-0.036owned-0.033.-0.024.-0.013to-0.011and-0.008of-0.007that-0.005notice-0.004and-0.004component--0.001to-0.0-controlled-0.0displayed
inputs
0.0
0.203
Protection
-0.008
of
-0.004
and
0.034
Access
-0.001
to
0.033
Information
0.007
and
0.049
Information
0.035
Systems
-0.024
.
0.119
CC
0.006
/
0.025
S
0.021
/
0.022
As
0.008
shall
0.061
:
0.024
Ensure
-0.007
that
-0.005
notice
-0.011
and
0.019
consent
-0.047
banners
0.01
are
-0.0
displayed
-0.013
to
0.047
individuals
0.046
access
0.019
ing
-0.004 / 2
component-
-0.036
owned
0.008
or
-0.0 / 2
-controlled
0.001
ISs
-0.033
.
0.0
0.70.50.30.91.10.3516940.351694base value0.9553040.955304fPrevent and Delay Attackers and Prevent Attackers from Staying(inputs)0.203Protection0.119CC0.061:0.049Information0.047individuals0.046access0.035Systems0.034Access0.033Information0.025S0.024Ensure0.022As0.021/0.019ing0.019consent0.01are0.008or0.008shall0.007and0.006/0.001ISs0.0-0.047banners-0.036owned-0.033.-0.024.-0.013to-0.011and-0.008of-0.007that-0.005notice-0.004and-0.004component--0.001to-0.0-controlled-0.0displayed
inputs
0.0
0.203
Protection
-0.008
of
-0.004
and
0.034
Access
-0.001
to
0.033
Information
0.007
and
0.049
Information
0.035
Systems
-0.024
.
0.119
CC
0.006
/
0.025
S
0.021
/
0.022
As
0.008
shall
0.061
:
0.024
Ensure
-0.007
that
-0.005
notice
-0.011
and
0.019
consent
-0.047
banners
0.01
are
-0.0
displayed
-0.013
to
0.047
individuals
0.046
access
0.019
ing
-0.004 / 2
component-
-0.036
owned
0.008
or
-0.0 / 2
-controlled
0.001
ISs
-0.033
.
0.0
0.50.30.10.70.91.100base value00fSecure Data in Transit(inputs)
inputs
0.0
0.0
Protection
0.0
of
0.0
and
0.0
Access
0.0
to
0.0
Information
0.0
and
0.0
Information
0.0
Systems
0.0
.
0.0
CC
0.0
/
0.0
S
0.0
/
0.0
As
0.0
shall
0.0
:
0.0
Ensure
0.0
that
0.0
notice
0.0
and
0.0
consent
0.0
banners
0.0
are
0.0
displayed
0.0
to
0.0
individuals
0.0
access
0.0
ing
0.0
component
0.0
-
0.0
owned
0.0
or
0.0
-
0.0
controlled
0.0
ISs
0.0
.
0.0
000000000000000000000base value00fSecure Data in Transit(inputs)